sshd stops accepting connections
Doug White
dwhite at gumbysoft.com
Wed Nov 17 19:15:09 PST 2004
On Fri, 12 Nov 2004, Simon L. Nielsen wrote:
> Today I suddenly couldn't log in via ssh to a server I upgraded to
> FreeBSD 5.3-RELEASE 4 days ago. When I tried connect to port 22 using
> telnet(1) the following just happend:
>
> [simon at zaphod:~] telnet 192.168.3.2 22
> Trying 192.168.3.2...
> Connected to jet.nitro.dk.
> Escape character is '^]'.
> Connection closed by foreign host.
You get this if:
. hosts.allow doesn't allow the client to connect.
. sshd can't fork the child to handle the connection.
. PAM is messed up and causes the PAM thread to abend.
. the sshd privsep user has gone missing
> The servar had been running FreeBSD 5.2.1 for a while without
> problems. After logging in on the console and sending the sshd master
> process a -HUP I could log in again (and I get the normal banner when
> connecting to the port with telnet(1)). I can't rally see in the log
> what happened, but there is a lot of "stale" sshd's hanging around,
> like:
>
> root 46015 0,0 0,4 4928 2220 ?? I Ons08pm 0:00,01 sshd: blah [pam] (sshd)
> root 58286 0,0 0,4 4920 2236 ?? Is Tor12pm 0:00,04 sshd: pascal [priv] (sshd)
> sshd 58287 0,0 0,0 0 0 ?? Z Tor12pm 0:00,03 <defunct>
> root 58288 0,0 0,4 4928 2236 ?? I Tor12pm 0:00,01 sshd: pascal [pam] (sshd)
> root 58932 0,0 0,4 4920 2236 ?? Is Tor01pm 0:00,05 sshd: ole_gudiksen [priv] (sshd)
> sshd 58934 0,0 0,0 0 0 ?? Z Tor01pm 0:00,06 <defunct>
> root 58935 0,0 0,4 4928 2236 ?? I Tor01pm 0:00,01 sshd: ole_gudiksen [pam] (sshd)
What ps is this? I didn't think FreeBSD's ps ouptut <defunct>.
> From all.log:
>
> Nov 11 12:04:38 nfishbone sshd[58286]: fatal: Timeout before authentication for 82.211.207.191
> Nov 11 13:02:34 nfishbone sshd[58932]: fatal: Timeout before authentication for 192.38.66.33
These are genrally normal and probaly not related to your problem...
> The only odd thing I could find in the logs with regard to ssh was a
> few lines like:
>
> Nov 11 22:35:49 nfishbone sshd[62378]: syslogin_perform_logout: logout() returned an error
These are also OK and not related to your problem.
--
Doug White | FreeBSD: The Power to Serve
dwhite at gumbysoft.com | www.FreeBSD.org
More information about the freebsd-stable
mailing list